starred/jellyfin-jellyfin-1
1
0
Fork 0
mirror of https://github.com/jellyfin/jellyfin.git synced 2025-12-16 05:53:03 +03:00
Code Issues Packages Projects Releases Wiki Activity

Return correct status codes for authentication and authorization errors

Browse Source 
- Use AuthenticatonException to return 401
- Use SecurityException to return 403
- Update existing throws to throw the correct exception for the circumstance
This commit is contained in:
Mark Monteiro
2020-04-13 13:17:46 -04:00
parent 6d35dd6b32
commit 53380689ad
4 changed files with 13 additions and 12 deletions
Download Patch File Download Diff File Expand all files Collapse all files

7
Emby.Server.Implementations/HttpServer/Security/AuthService.cs
View File

@@ -2,6 +2,7 @@
using System;
using System.Linq;
using System.Security.Authentication;
using Emby.Server.Implementations.SocketSharp;
using MediaBrowser.Common.Net;
using MediaBrowser.Controller.Configuration;
@@ -68,7 +69,7 @@ namespace Emby.Server.Implementations.HttpServer.Security
if (user == null && auth.UserId != Guid.Empty)
{
throw new SecurityException("User with Id " + auth.UserId + " not found");
throw new AuthenticationException("User with Id " + auth.UserId + " not found");
}
if (user != null)
@@ -212,14 +213,14 @@ namespace Emby.Server.Implementations.HttpServer.Security
{
if (string.IsNullOrEmpty(token))
{
throw new SecurityException("Access token is required.");
throw new AuthenticationException("Access token is required.");
}
var info = GetTokenInfo(request);
if (info == null)
{
throw new SecurityException("Access token is invalid or expired.");
throw new AuthenticationException("Access token is invalid or expired.");
}
//if (!string.IsNullOrEmpty(info.UserId))